The Onapsis Research Lab delivers regular SAP and Oracle vulnerability research to our eco-system of customers, partners and the information security industry

Onapsis security advisories enable customers to better understand the security and business implications of discovered SAP and Oracle security issues. This enables organizations to prioritize patches, updates and their remediation strategies to ensure continuity of the business. Onapsis security advisories, together with vendor patches and security notes, are available for download to provide vendors and end-users with the necessary information to mitigate advanced threats to mission-critical applications running on SAP and Oracle.

Oracle
High
07/18/2017

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

SAP
Medium
07/18/2017

By exploiting this vulnerability an attacker could learn the SAP version and then understand which vulnerabilities could exploit.

Oracle
High
07/18/2017

By exploiting this vulnerability, a remote attacker could steal sensitive business information by redirecting users to a malicious site.

SAP
Medium
06/13/2017

By exploiting this SAP Vulnerability an attacker that has previously compromised a workstation could access additional information from the SAP applications

SAP
High
06/13/2017

By exploiting this vulnerability, a remote unauthenticated attacker would be able to gain access to SAP systems potentially compromising its information and processes.

SAP
Low
09/21/2016

By exploiting this vulnerability, an attacker could potentially abuse technical functions to access and/or compromise business information.

SAP
Low
09/21/2016

By exploiting this vulnerability, an attacker could hide audit information logged by the SAP system.

SAP
Critical
09/21/2016

By exploiting this vulnerability, an authenticated user will be able to take full control of the system.

Oracle
Medium
09/21/2016

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system.

Pages